Importing and synchronizing users and groups with an LDAP server in Hue
You can import and synchronize one user at a time, synchronize all user memberships in all groups, import and synchronize all users in one group, or enable synchronization of group memberships automatically when users in those groups log in to Hue.
- Hue must be configured to authenticate with LDAP.
- The logged in user must have Hue superuser permissions.
- Log in to Hue as a superuser.
.The User Admin page is displayed.
To import and synchronize one LDAP user in Hue:
- Click Add/Sync LDAP user.
- Add a username, check Create home directory, and click Add/Sync user.
To synchronize group memberships for LDAP users who have already been imported to
- Click Sync LDAP users/groups.
- Select the Create home directories option and click Sync.
To import and synchronize one LDAP group containing its users:
- Click Add/Sync LDAP group.
- Check Create home directories, and click Sync.
To configure Hue to automatically synchronize LDAP groups and their users when they log
in to Hue:
- Log in to Cloudera Manager as an Administrator.
Go to Hue Service Advanced
Configuration Snippet (Safety Valve) for hue_safety_valve.ini
and enter the following lines in the
[desktop] [[ldap]] sync_groups_on_login=true
- Click Save Changes.
- Restart the Hue service.
To synchronize LDAP groups having the newly added users that need to be added to Hue,
run the following command separately for each LDAP group:
$HUE_HOME/build/env/bin/hue import_ldap_group --import-members [***LDAP-GROUP-NAME***] --cm-managedYou can script and automate this process using a cron job.